Wi-Fi Security: Cracking WPA With CPUs, GPUs, And The Cloud
GPU-Based Cracking: AMD Vs. Nvidia In Brute-Force Attack Performance
So, what happens when we put GPUs to work on the same task?
| | Intel Core i5-2500K | Nvidia GeForce GTX 460 1 GB |
|---|---|---|
| Cores | 4 (no HT) | 336 |
| Clock Speed | 3.3 GHz (base) | 1350 MHz |
| Wireless Security Auditor | 4752 passwords/s | 18 105 passwords/s |
| Pyrit Benchmark | 3949.13 PMKs/s | 17 771.6 PMKs/s |
| Pyrit w/CoWPAtty | 3306.85 passwords/s | 19 077.15 passwords/s |
| Time To Crack Passwords Between 1 and 6 Characters (Alphanumeric) | 140 days, 14 hours (WSA) | 35 days (Pyrit) |
| Time To Crack Passwords Between 1 and 8 Characters (Alphanumeric) | 1480 years, 311 days (WSA) | 368 years, 319 days (Pyrit) |
Compared to CPUs, the performance difference is incredible. A single GeForce GTX 460 manages roughly 4x the performance of a Core i5-2500K.
That Forensic Computers, Inc. Tableau TACC1441 mentioned earlier should have been an indication that GP-GPU computation would outperform desktop CPUs. After all, the FPGA-based accelerator consists of a massively parallel array of processors that operate in concert to attack multiple types of encryption schemes. This is a problem better addressed by many cores operating concurrently.
Now, we know how a mid-range graphics card fares against a fairly mid-range CPU. What happens when we start ratcheting up the complexity of our graphics configuration?
It's striking to see how much faster AMD's cards are than Nvidia's. The Radeon HD 6990 sports a greater number of ALUs than the GeForce GTX 590, though. Moreover, it has been shown that there are certain operations AMD's ALUs are able to execute more efficiently.
For some reason, we did have to enable CrossFire to get the second Radeon HD 6990 to appear under WSA (generally, multi-GPU configurations don't need to be running in CrossFire or SLI to operate cooperatively). Both technologies can slow down a brute-force attack because they're designed to help balance GPU workloads. In this case, CrossFire actually works to the detriment of performance. With AMD's multi-card feature disabled, we achieve the expected linear performance scaling in Linux.
Brute-force password cracking in a reasonable amount of time is wholly dependent on the number of cores you wield and the speed at which they operate.
| Time To Crack | Passwords Between 1 and 6 Characters (Alphanumeric) | Passwords Between 1 and 8 Characters (Alphanumeric) |
|---|---|---|
| Nvidia GeForce GTX 460 1 GB | 35 days (Pyrit w/ CoWPAtty) | 368.9 years (Pyrit w/ CoWPAtty) |
| Nvidia GeForce GTX 590 | 11.6 days (Pyrit w/ CoWPAtty) | 122.5 years (Pyrit w/ CoWPAtty) |
| 2 x Nvidia GeForce GTX 590 | 6.5 days (WSA) | 68.66 years (WSA) |
| AMD Radeon HD 6850 | 20.4 days (WSA) | 214.75 years (WSA) |
| AMD Radeon HD 6990 | 5.88 days (WSA) | 62.24 years (WSA) |
| 2 x AMD Radeon HD 6990 | 3.08 days (Pyrit w/ CoWPAtty) | 32.97 years (Pyrit w/ CoWPAtty) |
Though not common, a pair of GeForce GTX 590s or Radeon HD 6990s in a high-end gaming rig isn't unheard of. Clearly, passwords consisting of seven characters or more are fairly safe. But bear in mind that we're looking at worst-case scenarios. The numbers cited above are indicative of searching for a password between 00 and 99, and the right answer ends up being 99. The correct answer is just as likely to be 00, slashing the compute time.
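To see where the table's figures come from, here is an added example (not code from the article) that reproduces them from the quoted candidate rates. It assumes "alphanumeric" means a-z, A-Z and 0-9 (62 symbols), a 365-day year, and linear scaling across GPUs; those assumptions reproduce the 35-day and 368.9-year results above.

```python
# Added example (not from the article): estimate exhaustive and expected
# brute-force time from a keyspace size and a measured candidate rate.
SECONDS_PER_DAY = 86_400
SECONDS_PER_YEAR = 365 * SECONDS_PER_DAY  # assumption: 365-day year

# Assumption: the article's "alphanumeric" set is a-z, A-Z, 0-9 (62 symbols).
ALPHANUMERIC = 62

# Candidate rates quoted in the article's tables (passwords per second).
RATES = {
    "Core i5-2500K (WSA)": 4752,
    "GeForce GTX 460 (WSA)": 18_105,
    "GeForce GTX 460 (Pyrit w/CoWPAtty)": 19_077.15,
}


def keyspace(min_len, max_len, alphabet_size=ALPHANUMERIC):
    """Number of distinct candidates of every length from min_len to max_len."""
    return sum(alphabet_size ** n for n in range(min_len, max_len + 1))


def worst_case_seconds(min_len, max_len, rate, gpus=1, alphabet_size=ALPHANUMERIC):
    """Time to exhaust the whole keyspace, assuming linear scaling across GPUs."""
    return keyspace(min_len, max_len, alphabet_size) / (rate * gpus)


def expected_seconds(min_len, max_len, rate, gpus=1, alphabet_size=ALPHANUMERIC):
    """Mean time to hit a uniformly random password: half the exhaustive time."""
    return worst_case_seconds(min_len, max_len, rate, gpus, alphabet_size) / 2


def describe(seconds):
    """Render a duration as 'Y years, D days' or, under a year, 'D days, H hours'."""
    years, rem = divmod(seconds, SECONDS_PER_YEAR)
    if years >= 1:
        return f"{int(years)} years, {int(rem // SECONDS_PER_DAY)} days"
    days, rem = divmod(seconds, SECONDS_PER_DAY)
    return f"{int(days)} days, {int(rem // 3600)} hours"


if __name__ == "__main__":
    for name, rate in RATES.items():
        for max_len in (6, 8):
            worst = worst_case_seconds(1, max_len, rate)
            print(f"{name}: 1-{max_len} chars, worst case {describe(worst)}, "
                  f"expected {describe(worst / 2)}")
```

Running it prints "140 days, 14 hours" for the Core i5-2500K under WSA and roughly 35 days and 368 years for the GTX 460 under Pyrit, matching the article's tables; the expected column is the "just as likely to be 00" point made above.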
Still makes me laugh every time!
Then either beer at your place is really expensive or internet is really cheap. Need 6x12 pack for me.
This is an extremely wrong conclusion. Extremely wrong.
i.e. ape can be written:
ape, Ape, aPe, apE, APe, aPE, ApE, APE.
That's 2^3=8 permutations. Add a number after and you get (2^3)*(10^1)=80 permutations.
You can write PasswordPassword in 2^16=65536 ways.
How about using a long sentence as a password?
i.e. MyCatIsSuperCuteAndCuddly, that's 2^25 permutations
Can you scan for the MAC addresses? It's probably easy to get and fake MAC addresses, or it would have been mentioned.
*scans networks*
12 networks here,
1 still using WEP
10 allowing WPA with TKIP
only 1 using WPA2 with AES only (my network)
Still makes me laugh every time!
Same over here. I have a guest though, it's a bit weaker than my main network. The guest is a 20 alphanumerical character long WPA2 AES-256bit. My main is 40 character long... Guess I went a bit overboard.
One of the best lines in the movie...
MAC address filtering is a joke, especially if the network actively broadcasts its SSID. Simple reason, MAC address and IP info is not even encrypted when sent over the air. So, wait for legit user to connect, grab his MAC, spoof MAC address and enjoy.
If you truly understand programming, then you know that my statement is a comparison of dictionary vs. brute-force attacks. In a dictionary attack, you provide a wordlist, which is used to make unique combination. For a brute-force attack, each letter is randomly selected and joined together in a string. The length of a password has no bearing on the number of KDFs. I suggest that you read Ivan Golubev's blog post and hit up the BackTrack forums if you need help understanding why this is the case.
RISC? That better be distributed if we're going to walk down that path. And as I've explained time and time again, rainbow tables are not valid for this type of attack. I purposely explained why under "Understanding WPA/WPA2."
Second, I'm not sure what you're using but Pyrit is considered the standard by which other brute-force crackers are measured for WPA/WPA2. It's what's used at DEFCON. Our version has some optimizations, but again, if you go to any of the major security conferences, you'll find that it's what people use.
Third, WEP can be broken with relative ease because it's not a brute-force attack that renders it ineffective. It's a related key attack. Any nondirect attack leverages weaknesses in order to compromise a system. That's a different ballpark. We're dealing with cracking at the lowest common denominator.
Permutations of words don't count in a dictionary based attack. I mean c'mon.
Cheers,
Andrew Ku
TomsHardware.com
I try to avoid picking on grammar or word errors, since it seems that many of these articles are translated from German. But this is a beauty.
The phrase is usually "testing their mettle," which the dictionary on Yahoo! defines as "Courage and fortitude; spirit." The usual error on this phrase is the substitution of the word "metal" by spell checkers, dictation software, or people who don't know the origin of the phrase.
But since these kiddies do indeed "meddle" with our networks, our data, and our lives, the substitution works elegantly.